Parasitical Firms Like Black Duck Exploit Bugs With Branding to Market Nonfree Services/Software

Dr. Roy Schestowitz

2015-02-07 21:53:44 UTC
Modified: 2015-02-07 21:53:44 UTC

Skulls

Summary: Parasites that take advantage of public panic and lack of comprehension are occupying paper space, as usual

LAST WEEK we wrote about the overblown threat called/dubbed "GHOST" (all capital letters) by the company seeking to make money from it despite being only the third to discover it and knowing it was not much of a big deal. We have not yet heard about any major exploit, which pretty much can be said about the OpenSSL bug as well (this one too was discovered by two entities before a Microsoft-connected firm irresponsibly publicised it, giving it a name and a logo to sell its own services and spread FOSS-hostile FUD for many months to come). What unifies the GLibC and OpenSSL bugs is that they got "brand recognition" very quickly. It was like a marketing campaign rather than a non-alarmist discussion about security -- something that non-technical/technically-illiterate journalists would surely fail at.

"As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame."Days ago we saw the most FOSS-hostile IDG Web site becoming a platform of Black Duck, a Microsoft-connected firm that sells proprietary software by spreading and accentuating fear of FOSS. The article at hand uses bugs with "branding" to spook FOSS users while Black Duck, paying to publish this self-promotional press release on the same day, is still pretending to be an authority in FOSS.

The bugs with "branding" were also exploited by Veracode in this article (on the same day) and as Eric Lorenzo pointed out: "If businesses don't update legacy software, often they will will have bugs fixed in later versions! Shock!"

"I wonder what percentage of businesses are using obsolete Windows without updates," he added.

As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame. It not only sports back doors but is also badly designed and won't patch known critical holes. It is basically designed to be not secure.

When it comes to reporting on computer security, the corporate press has almost zero legitimacy. All it knows is brands and it is eager to promote corporate partners that piggyback those brands (like "heartbleed") or stories (Anthem, Sony, etc.), claiming to be experts and offering remedies other than patches which were already issued and are free to apply by all. ⬆

Links 16/03/2026: Moscow Experiencing Cellphone Internet Outages, "Salman Rushdie Is Tired of Talking About Free Speech": Links for the day
Debian is Dying for Some of the Same Reasons IBM's Fedora is Rapidly Dying: Prioritising CoC censorship, not communities
2026 Microsoft Layoff Rumours: Surely if we had properly-functioning media, then someone would investigate this rather than rely on official statements from Microsoft and WARN notices
Someone at Association for Computing Machinery (ACM) is Censoring the Birthday Greetings to Richard Stallman: Some people remember
The European Patent Office (EPO) Illegally Transitioning Into 'Gig' 'Economy' Equivalent (a Shop for Patent Monopolies in Europe): for scabs aka SEALs
At Least Six EPO Strikes Next Month (Yes, Six!): The pressure intensifies over time
Several MPs Blast Solicitors Regulation Authority (SRA) for Inaction and Ineffective Action This Week: "Four MPs have written to the SRA"
Microsofters' SLAPP Censorship - Part 14 Out of 200: The Abusive Cases of the Serial Strangler From Microsoft and His Litigation Buddy Garrett Did Cause "Serious Harm": claims were de facto abandoned at the trial
Today's Discussions About How IBM Pushes Workers Out: The corporate media keeps trying - baselessly and in vain - to paint everything that happens with the "hey hi" brush
Linux Teck (linuxteck.com) and Ubuntu PIT (ubuntupit.com) Are Botspam: now they just keep experimenting by trashing their sites and reputation
Links 16/03/2026: Arctic Security and 'Mr. Nobody Against Putin': Links for the day
Gemini Links 16/03/2026: KN95 Skins and CSS Surprises: Links for the day
The Register MS is Again Femmewashing GAFAM (Which Makes Widows) in Exchange for Money: This is a moral issue because they betray or harm women and prop up authoritarian regimes
Gemini Links 16/03/2026: AB 1043, Lagrange Android Beta 47, and Poetry: Links for the day
"Slop-forking" or "Vibe-forking" as the New 'Noble' Plagiarism: New Cloudflare Slop Project?
EPO "Cocaine Communication Manager" - Part VII - Cult Mentality, Mobbing, Nepotism: Does the EPO actually believe in the law?
EPO Strike This Week: contact your national representatives about it
Gemini Links 15/03/2026: "Create Opportunities for Good Things to Happen", DOSbook, and Bitcoin Criticism: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, March 15, 2026: IRC logs for Sunday, March 15, 2026
Pirate Praveen Arimbrathodiyil & Debian denouncing volunteers, hiding romances: Reprinted with permission from Daniel Pocock
Links 15/03/2026: WB Games Montréal Undergoes Layoffs, "Swiss Reject Cuts to Public Broadcasting": Links for the day
Gemini Links 15/03/2026: Messages in Bottles and Audio Streaming in Lagrange for Android: Links for the day
Microsofters' SLAPP Censorship - Part 13 Out of 200: Abuse of Process to Make False Accusations of UKGDPR Violations: familiar barrister and same lawyers
Thrown Under the Microsoft Bus: Microsoft wants disposable contractors
Quitting IBM and "Rumors of an Upcoming RA [Mass Layoffs] in April 2026": Blue layoffs or "RAs" were confirmed upfront by the CFO
GNU/Linux Distro Builders Barely Paid Enough to Pay Basic Bills, Chief of "Linux" Foundation (Not Even Using Linux!) Increases His Own Salary by Over 50% in 5 Years: Salaries or compensation correlate with the ability to exploit people, not to create things
What Puts the Brakes on GNU/Linux Adoption on Laptops and Desktops is Monopoly Control (or Monoculture) Over the Distros: Distros that adopt systemd are controlled by IBM and GAFAM
The "Zero-Sum" Fallacy: Fallacies like "zero-sum" - especially in the context of foreign affairs including war - are utterly ruinous
A Happy Birthday to Richard Stallman: Richard Stallman will turn 73
Jürgen Habermas is Dead, But the Politicised, Inherently Corrupt, Corporatised Court for Patents That He Inspired Is Not: In the news throughout the weekend
Mountains of Abuses of Process by Brett Wilson LLP on Behalf of Americans and Sometimes at the Expense of British Taxpayers: a virtual "limited liability"
linuxteck.com FUD by LLM Slop, ubuntupit.com Passes the Slop Baton: Unless they get back to doing long-form authentic articles, as opposed to slop, no good will come out of it
Links 15/03/2026: New Shortages, Lynx Populations Depletion: Links for the day
Sruthi Chandran & Debian Diversity, Favoritism, Hidden Conflicts of Interest: Reprinted with permission from Daniel Pocock
software in the public domain: Reprinted with permission from Alex Oliva
Links 15/03/2026: Slop "Bubble Driving Interest in Chip Alternatives" and Wildlife Erosion Reported: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, March 14, 2026: IRC logs for Saturday, March 14, 2026
Layoffs in Twitter, Facebook, and Microsoft's LinkedIn: There are silent layoffs at Microsoft this month
We Don't Depend on Google and Don't Care for Google: We have our own site search and we don't depend on Google to bring visits/visitors to us
Change of Address at the Hired Guns, Address Removed: Companies tend to alter their 'shell structure' in anticipation of major action
Facebook Layoffs Due to Enormous Debt, Nothing to Do With "Hey Hi" Slop: The lies about "hey hi" in relation to layoffs will only contribute to further public resentment towards: 1) the media and 2) all the slop.
The Good IBM Managers Have Flown Away, All That's Left is the Book-Cooking Loyalists: IBM is just cheating the SEC and shareholders. This seems to be the only thing IBM's management is nowadays good at.
Microsofters' SLAPP Censorship - Part 12 Out of 200: Months Ahead of Serial Strangler From Microsoft Who Helped Double the Lawsuits (Funded by Third Parties) as 'Revenge' for Exposing Crimes: In 2024 I sat down and wrote about what had been done to me and to my wife
Crime Comes in Many Forms: apparently the SRA is OK with stranglers of women in America bullying the media in the UK
commandlinux.com, linuxteck.com, linuxiac.com, and linuxsecurity.com are Slopfarms With "Linux" in Their Domain Name: once readers realise they read slop they immediately lose interest
Links 14/03/2026: Adoption of Slop Has Killed BuzzFeed, Russia Sees "Economic Gain From Iran War": Links for the day
Patriotism is Conditional, If It's Unconditional, Then It's Like a Cult: My love for Software Freedom is only as strong as my love for Freedom of the Press
Links 14/03/2026: Mass Layoffs at Facebook ('Meta') and Sweeping Layoffs at Twitter (xAI), Social Control Media and Slop Are Only Debt: Links for the day
Wrong Time, Wrong Place (Digg): Kevin Rose and Alexis Ohanian can relaunch Digg.com, but we doubt it'll work "this time for real!"
Universities Became Bad Places for Work: What happened to academia?
Reporting New and Suppressed Information is What Journalism is All About: In the domain of Free software, there are very few sites out there that offer exclusive coverage on community affairs and there are many gagging/censorship attempts
The Limits of Speech and the Rationale of Limitations: it seems to be part of an international trend
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, March 13, 2026: IRC logs for Friday, March 13, 2026
Gemini Links 14/03/2026: Goodness, AD534 Multiplier Module, and Extroverts Online: Links for the day

Parasitical Firms Like Black Duck Exploit Bugs With Branding to Market Nonfree Services/Software

Recent Techrights' Posts